我正在尝试解密Powershell中的字符串并收到此错误。可能有什么不对?
答案 0 :(得分:0)
这个异常可以表示很多不同的东西,并不是所有这些都与填充有关,所以我试图对可能发生这种情况的所有不同场景进行编目。
如果你知道抛出此填充异常的另一种情况,请添加它。
首先,这是一个按预期工作的加密/解密示例。
$testData = "Hi there! This is a test of a string during encryption"
$enc = [system.Text.Encoding]::UTF8
$data = $enc.getBytes($testData)
# Encrypt some data
$encryptAlgorithm = [System.Security.Cryptography.SymmetricAlgorithm] (New-Object System.Security.Cryptography.AesCryptoServiceProvider)
$encryptAlgorithm.Mode = [System.Security.Cryptography.CipherMode]::CBC
$encryptAlgorithm.Padding = [System.Security.Cryptography.PaddingMode]::PKCS7
$encryptAlgorithm.KeySize = 128
$encryptAlgorithm.BlockSize = 128
$encryptAlgorithm.Key = @(1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
$encryptAlgorithm.IV = @(1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
$encryptor = [System.Security.Cryptography.ICryptoTransform]$encryptAlgorithm.CreateEncryptor()
$encryptorMemoryStream = new-Object IO.MemoryStream
$encryptorCryptoStream = new-Object Security.Cryptography.CryptoStream $encryptorMemoryStream,$encryptor,"Write"
$encryptorCryptoStream.Write($data, 0, $data.Length)
$encryptorCryptoStream.FlushFinalBlock();
$encryptedData = $encryptorMemoryStream.ToArray()
Write-Host $enc.GetString($encryptedData)
Write-Host $encryptedData.Length
# Decrypt some data
$descryptAlgorithm = [System.Security.Cryptography.SymmetricAlgorithm] (New-Object System.Security.Cryptography.AesCryptoServiceProvider)
$descryptAlgorithm.Mode = [System.Security.Cryptography.CipherMode]::CBC
$descryptAlgorithm.Padding = [System.Security.Cryptography.PaddingMode]::PKCS7
$descryptAlgorithm.KeySize = 128
$descryptAlgorithm.BlockSize = 128
$descryptAlgorithm.Key = @(1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
$descryptAlgorithm.IV = @(1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
$decryptor = [System.Security.Cryptography.ICryptoTransform]$descryptAlgorithm.CreateDecryptor()
$dataToDecrypt = $encryptedData
$decryptorMemoryStream = new-Object IO.MemoryStream @(,$dataToDecrypt)
$decryptorCryptoStream = new-Object Security.Cryptography.CryptoStream $decryptorMemoryStream,$decryptor,"Read"
$streamReader = new-Object IO.StreamReader $decryptorCryptoStream
try
{
Write-Output $streamReader.ReadToEnd()
}
catch
{
$e = $_.Exception
$msg = $e.Message
while ($e.InnerException) {
$e = $e.InnerException
$msg += "`n" + $e.Message
}
$msg
}
让我们看一些触发填充异常的例子。
无法刷新最后一个块
这个blog post很好地写了这个场景。
#$encryptorCryptoStream.FlushFinalBlock();
无效密钥
我在这里略微更改了用于解密密钥的字节数组,以模拟不匹配的密钥。
$descryptAlgorithm.Key = @(1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 17)
Rijndael管理空输入
$descryptAlgorithm = [System.Security.Cryptography.SymmetricAlgorithm] (New-Object System.Security.Cryptography.RijndaelManaged)
// ...
$dataToDecrypt = @()
填充无效
我手动在数据末尾添加了一些无效的填充来解密。
$dataToDecrypt = $encryptedData + @(1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
不同的填充方案
有趣的是,只有一些填充方案组合会导致填充错误。即使产生的刺痛不正确,很多人也会毫无错误地解密。
$descryptAlgorithm.Padding = [System.Security.Cryptography.PaddingMode]::ANSIX923
不同的区块大小
$descryptAlgorithm.BlockSize = 64